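<?php
// Must run before any output so the session cookie header can still be sent.
// Nothing (no byte-order mark, no whitespace) may precede the opening tag.
session_start();
?>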
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" >
<head>
<?php
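// Site settings; the code below reads $siteName from this include.
include("siteName.php");

// Greeting shown at the top of the page. The user name comes from the session
// and is printed as part of an HTML fragment, so it is HTML-escaped here.
$sOut = "<p>Welcome to the " . $siteName . " site";
if (isset($_SESSION["uName"])) {
    $sOut .= ", " . htmlspecialchars((string) $_SESSION["uName"], ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8");
}
$sOut .= "<br />Below there is a form that will let you search for products.</p>";

// Page state with its defaults; the markup further down reads these.
$searchTerms = "";
$prodArray = array();
$sortField = "vName";
$sortOrder = "ASC";

// Database settings. The code below reads $dbHost, $dbUser, $dbPass, $dbDB,
// $tableProducts and $currencySymbol, which are expected to come from the
// included configuration files.
require("dbInc.php");

if (isset($_POST["btnSearch"])) {
    $mysqliObj = new mysqli($dbHost, $dbUser, $dbPass, $dbDB);

    // Accept the search text only when it is a plain string (a posted array
    // such as txtSearch[] is ignored and the search stays empty).
    if (isset($_POST["txtSearch"]) && is_string($_POST["txtSearch"])) {
        $searchTerms = trim($_POST["txtSearch"]);
    }

    // ORDER BY takes a column name and a keyword, not quoted string values, so
    // string escaping gives no protection in that position. Only values from
    // these fixed lists are placed in the statement; anything else keeps the
    // default. The lists mirror the two sortable headers the page renders.
    $sortableFields = array("vName", "fPrice");
    $sortOrders = array("ASC", "DESC");
    if (isset($_POST["hidSortField"]) && in_array($_POST["hidSortField"], $sortableFields, true)) {
        $sortField = $_POST["hidSortField"];
    }
    if (isset($_POST["hidSortOrder"]) && in_array($_POST["hidSortOrder"], $sortOrders, true)) {
        $sortOrder = $_POST["hidSortOrder"];
    }

    // $tableProducts is a configuration value, not request data.
    $sql = sprintf("select id, iCatID, vName, vDescription, fPrice, vURLs from %s", $tableProducts);

    // One "(vName like ? or vDescription like ?)" group per non-empty term,
    // joined with "or". The term text travels as a bound parameter and is
    // never concatenated into the statement.
    $likeGroups = array();
    $likeParams = array();
    foreach (explode(" ", $searchTerms) as $term) {
        if (strlen($term) > 0) {
            // Escape the LIKE wildcards so "%" and "_" in a term match literally.
            $pattern = "%" . addcslashes($term, "\\%_") . "%";
            $likeGroups[] = "(vName like ? or vDescription like ?)";
            $likeParams[] = $pattern;
            $likeParams[] = $pattern;
        }
    }
    if (count($likeGroups) > 0) {
        $sql .= " where (" . implode(" or ", $likeGroups) . ")";
    }
    $sql .= sprintf(" order by %s %s", $sortField, $sortOrder);

    if ($mysqliObj->connect_errno === 0) {
        $stmt = $mysqliObj->prepare($sql);
        if ($stmt !== false) {
            if (count($likeParams) > 0) {
                $stmt->bind_param(str_repeat("s", count($likeParams)), ...$likeParams);
            }
            if ($stmt->execute()) {
                $stmt->bind_result($rowId, $rowCatId, $rowName, $rowDescription, $rowPrice, $rowUrls);
                while ($stmt->fetch()) {
                    // Price is stored pre-formatted: currency symbol plus two decimals.
                    $productPrice = $currencySymbol . sprintf("%1\$.2f", floatval($rowPrice));
                    array_push($prodArray, array(
                        "id" => $rowId,
                        "vName" => $rowName,
                        "vDescription" => $rowDescription,
                        "fPrice" => $productPrice,
                        "vURLs" => $rowUrls,
                        "iCatID" => $rowCatId,
                    ));
                }
            } else {
                // Details go to the server log only; the page shows "no products".
                error_log("Product search: query execution failed: " . $stmt->error);
            }
            $stmt->close();
        } else {
            error_log("Product search: could not prepare query: " . $mysqliObj->error);
        }
        $mysqliObj->close();
    } else {
        error_log("Product search: database connection failed: " . $mysqliObj->connect_error);
    }
}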
?>
<title><?php echo $siteName; ?> - Product search</title>
<link type="text/css" rel="stylesheet" href="styles.css" />
<script type="text/javascript" language="javascript">
/**
 * Updates the hidden sort inputs and resubmits the sort form.
 *
 * Choosing the field that is already active flips ASC to DESC (and any other
 * order back to ASC); choosing a different field always starts at ASC.
 *
 * @param {string} sortField column name to sort the result list by
 */
function changeSort(sortField) {
  var fieldInput = document.getElementById("hidSortField");
  var orderInput = document.getElementById("hidSortOrder");

  var sameField = fieldInput.value == sortField;
  orderInput.value = (sameField && orderInput.value == "ASC") ? "DESC" : "ASC";

  fieldInput.value = sortField;
  document.getElementById("frmSort").submit();
}

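/**
 * Opens the detail page for one product in the window named "productDetail".
 *
 * Both ids are URL-encoded before being placed in the query string, so a value
 * containing "&", "=" or "#" cannot add or alter parameters of the request.
 *
 * @param {number|string} prodID product id, sent as the "id" parameter
 * @param {number|string} catID  category id, sent as the "catid" parameter
 */
function showProduct(prodID, catID) {
  var pURL = "product.php?catid=" + encodeURIComponent(catID) + "&id=" + encodeURIComponent(prodID);
  window.open(pURL, 'productDetail');
}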
</script>
</head>
<body>
<iframe name="logoFrame" id="logoFrame" src="logo.htm" border="0" height="120" align="top" frameborder="0" marginheight="0" width="100%" scrolling="no">
<a href="http://www.blindza.co.za/" target="_blank">
<img src="logo/blindza_logo_smaller46.jpg" alt="blindZA.co.za logo - white text on black background, with white border - and red braille version hovering in front of normal text" width="317" height="103" border="0" />
</a>
</iframe>
<a href="index.php">Back to entry page</a>
<h2><?php echo $siteName; ?> - Product search</h2>
<p><?php echo $sOut; ?></p>
<h3>Search criteria</h3>
<form action="search.php" method="post" enctype="multipart/form-data">
<table align="center" border="0">
<tr>
<th align="right">Search terms - separated by spaces</th>
<td>
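<?php /* The search text is request data echoed back into an attribute, so it is HTML-escaped (quotes included). */ ?>
<input type="text" name="txtSearch" value="<?php echo htmlspecialchars($searchTerms, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8"); ?>" width="75" />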
</td>
</tr>
<tr>
<th align="center" colspan="2">
<input type="submit" name="btnSearch" value="Search" />
</th>
</tr>
</table>
</form>
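<?php
// The results section is rendered only for a submitted search.
if (isset($_POST["btnSearch"])) {
?>
<h3>Search results</h3>
<?php
    if (count($prodArray) > 0) {
?>
<table>
<tr>
<th><a onclick="changeSort('vName');">Product name</a></th>
<th>Product description</th>
<th><a onclick="changeSort('fPrice');">Price</a></th>
</tr>
<?php
        // One table row per product. The two ids go into an inline script
        // call and are forced to integers; name and description are database
        // text printed as HTML and are escaped for that context.
        // NOTE(review): if descriptions are meant to carry markup, pass them
        // through an allowlist HTML sanitiser instead of printing them raw.
        // fPrice is the configured currency symbol plus a formatted number
        // and is printed as stored.
        $rowFormat = "<tr>\n<td valign='top'><a onclick='showProduct(%d, %d);'>%s</a></td><td>%s</td><td align='right'>%s</td>\n</tr>\n";
        foreach ($prodArray as $product) {
            printf(
                $rowFormat,
                (int) $product["id"],
                (int) $product["iCatID"],
                htmlspecialchars((string) $product["vName"], ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8"),
                htmlspecialchars((string) $product["vDescription"], ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8"),
                $product["fPrice"]
            );
        }
?>
</table>
<?php
    } else {
        echo "<p class='error'>No products found matching criteria</p>\n";
    }
}
?>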
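<?php /* Hidden copy of the current search and sort state, submitted by changeSort(). The values originate from the request, so each one is HTML-escaped before it is written into an attribute. */ ?>
<form action="search.php" method="post" enctype="multipart/form-data" id="frmSort">
<input type="hidden" name="hidSortField" id="hidSortField" value="<?php echo htmlspecialchars($sortField, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8"); ?>" />
<input type="hidden" name="hidSortOrder" id="hidSortOrder" value="<?php echo htmlspecialchars($sortOrder, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8"); ?>" />
<input type="hidden" name="btnSearch" value="Search" />
<input type="hidden" name="txtSearch" value="<?php echo htmlspecialchars($searchTerms, ENT_QUOTES | ENT_SUBSTITUTE, "UTF-8"); ?>" />
</form>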
</body>
</html>
